Thycotic’s Cyber Security Publication

October 2nd, 2018

Small and medium-sized businesses (SMBs) face a cyber security trifecta. Cyber criminals are increasingly targeting the most vulnerable businesses (not just the biggest fish). Sophisticated attackers quickly take advantage of newly revealed vulnerabilities. And, cyber security professionals are in short supply.

The combined threat poses a clear and present danger. Yet, too many SMBs drag their feet when it comes to beefing up security because it seems overwhelming. Or, they assume a cyber attack won’t happen to them. Maybe they aren’t aware that they can use the same types of security systems as larger enterprises, even if they’re unable to field an enterprise-sized team of experts.

Many SMBs already embrace cloud-based solutions for infrastructure and operations management, and more are using them for security, too. Once SMBs have chosen to head down a cloud-first path for their hosting, having additional software in the cloud as well streamlines integration and key processes.

The Problem with Ostriches

Some SMBs are consciously or inadvertently practicing security through obscurity, hoping that criminals either don’t try to attack them, or don’t discover their vulnerabilities. Such a security stance can feel passive, like the metaphorical ostrich with its head in the sand, rather than an active effort to mitigate risk.

There is a clear disconnect between how some SMBs think about their security vs. how likely they actually are to fall victim to a cyber attack. Eighty-seven percent (87%) of small business owners don’t believe that they’re at risk of a data breach. Yet, 43% of cyber attacks target small businesses, and 61% of data breach victims are small businesses.

Large data breaches capture headlines, but SMBs pose a juicy target for hackers. SMBs often have less security in place than a large enterprise, and also have at least some valuable data worth stealing. Hackers understand that for even modest effort they can obtain worthwhile paydirt.

The average cost of an attack on an SMB in 2017 was more than $2.2 million.

Proactive SMBs, on the other hand, understand the likelihood of a cyber attack and demand solutions that give them security capabilities they need, starting with protections for privileged accounts (the ones that manage applications, software, and server hardware).

The first step to proactive cyber security is to systematically protect access to your most valuable systems. One way to limit unauthorized activity on these systems is to ensure privileged accounts don’t fall into the wrong hands, and if they do, that damage can be contained. By keeping control, you create a moat around access to your most precious systems, the ones which represent your company’s value and viability.

Hackers Don’t Quit, So You Can’t Either

Problem number two: the work of maintaining a secure system is never done. Hackers can automate continuous, zero-day exploits to identify vulnerable or unpatched systems.

Security professionals must maintain their systems weekly, daily, even hourly, to prevent an attacker from taking advantage of each new exploit. Too many SMBs are doing this manually, if they’re doing it at all. In light of these types of attacks, an automated, policy-based strategy to protect privileged accounts remains a critical line of defense for SMBs.

You Deserve The Same Level of Cyber Security as Enterprises

Now for the third problem: cyber expertise. SMBs often can’t find or afford cyber security staff. There are more than 200,000 unfilled cyber security jobs in the US, and by 2021 there could be as many as 3.5 million unfilled openings worldwide.

Large enterprises are able to compete for top-notch talent to ensure infrastructure is locked down and critical privileged accounts are protected. Smaller organizations need the same level of impenetrability, yet often cannot afford to have a team in place.

You have plenty to worry about without being concerned if your privilege management applications are up to date. So, rather than patching the threat after the fact, you can implement a cloud PAM solution which will automatically remain up to date, with no approvals, committee meetings, capital expenses, or project plans required.

A cloud-first, SaaS offering can combine the best of on-premises software, without the overhead of installing, supporting and maintaining it yourself. That’s why Gartner says that by 2019, 30% of new PAM purchases will be delivered as a service.

With Secret Server in the cloud, you can avoid the financial and logistical nightmare of relying upon expensive professional service and consulting engagements to ensure your privileged accounts are properly protected and managed.

What to Look for in SaaS Privileged Account Management

Evaluating a SaaS offering presents some unique requirements. The software must have all of the capabilities you need, while hosting infrastructure must conform to your most stringent standards. SMBs should look for integrated high-availability features and value-priced bundled offerings when choosing PAM software.

Additionally, you’ll want to confirm that the software you are using will be exactly the same as the on-premises version, and that the software provider is fully committed to keeping the hosted version in sync with the on-premises version.

Thycotic has the only feature-complete PAM service in the world, full stop. You can just sign up, log in, and get going.

Azure Hosting: The service is hosted on Microsoft’s secure Azure infrastructure, which is designed to withstand evolving attacks, provides secure user access to the environment, and safeguards customer data through encrypted communications.

Standards compliant: Azure meets a broad set of international and industry-specific compliance standards, such as General Data Protection Regulation (GDPR), ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards, including Australia IRAP, UK G-Cloud, and Singapore MTCS.

Data isolation: Customer data needs to be completely isolated within the hosted environment, with encryption both in-transit and at rest. All Secret Server Cloud customer instances are completely isolated, with separate databases, supporting cloud infrastructure, and private encryption keys for each.

Geo-redundant: Improve resilience and facilitate failover and recovery in the event of an outage or service interruption by taking advantage of distributed servers.

When SMBs are Empowered and Secure, There’s No Stopping Them

When you protect vulnerable privileged accounts without time-consuming manual work, and you don’t spend limited resources managing tools and infrastructure, just think what your business can achieve! We can’t wait to help you find out.

With a background in IT sales, presales, and technical support, Dan has been working with IT software and security for 6 years. When he is not demoing Secret Server, he helps customers to understand and implement Thycotic software in their environments.